CVSS3: 5.3 Medium
Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: NONE
Integrity Impact: LOW
Availability Impact: NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
AI Score: 5.7 Medium (Confidence: High)
EPSS: 0.001 Low (Percentile: 40.5%)

A vulnerability in the scanning engines of Cisco AsyncOS Software for Cisco Secure Web Appliance, formerly known as Cisco Web Security Appliance (WSA), could allow an unauthenticated, remote attacker to bypass a configured rule, thereby allowing traffic onto a network that should have been blocked.
This vulnerability exists because malformed, encoded traffic is not properly detected. An attacker could exploit this vulnerability by connecting through an affected device to a malicious server and receiving malformed HTTP responses. A successful exploit could allow the attacker to bypass an explicit block rule and receive traffic that should have been rejected by the device.
[
  {
    "vendor": "Cisco",
    "product": "Cisco Secure Web Appliance",
    "versions": [
      {
        "version": "11.8.0-414",
        "status": "affected"
      },
      {
        "version": "11.8.1-023",
        "status": "affected"
      },
      {
        "version": "11.8.3-018",
        "status": "affected"
      },
      {
        "version": "11.8.3-021",
        "status": "affected"
      },
      {
        "version": "12.0.1-268",
        "status": "affected"
      },
      {
        "version": "12.0.3-007",
        "status": "affected"
      },
      {
        "version": "12.5.2-007",
        "status": "affected"
      },
      {
        "version": "12.5.1-011",
        "status": "affected"
      },
      {
        "version": "12.5.4-005",
        "status": "affected"
      },
      {
        "version": "12.5.5-004",
        "status": "affected"
      },
      {
        "version": "14.5.0-498",
        "status": "affected"
      },
      {
        "version": "14.0.3-014",
        "status": "affected"
      },
      {
        "version": "14.0.2-012",
        "status": "affected"
      }
    ]
  }
]